Stellar, Bitcoin, and the Psychology of Trust

The summer after my junior year of college, I landed an internship at a marine and reef conservation non-profit in LA. I was in school in Pennsylvania at the time, which meant I’d be jetting off to a city on the opposite side of the country where I knew exactly one person. I’ve always had a rather laissez-faire approach to travel, so it didn’t occur to me until about two weeks prior to my start date that I didn’t actually have a place to stay. I certainly would have been in good company had I ended up joining the ranks of Venice Beach’s homeless population for the summer, but I opted for a more mainstream approach and started scouring Craigslist. When I finally found an apartment that seemed suitable, I set up a Skype call with the woman who would be subletting it. She gave me a virtual, highly pixelated tour of the place (which could have been literally anywhere), and in light of this rigorous analysis I wisely decided to wire her several thousand dollars as an advance on the apartment.

Once I’d finished congratulating myself for being such an adult, it occurred to me to ask her how I’d be getting the keys to the place. “Oh, don’t worry!”, she said. “They’ll be under the flower pot on the porch”. Reassured in the way that only a naïve twenty year old could be, I packed my things and hopped on a plane.

Short of using an escrow service which would have cost me a large chunk of the total amount, there wasn’t much I could’ve done in the situation. I went with blind trust, hardly a solid foundation for a modern digital economy. Bitcoin has the potential to build a much more solid foundation, and that’s what makes it so revolutionary. Its value is not really that it’s an exceptional payments protocol: payments are only a small subset of the As Marc Andreessen put it, “Bitcoin gives us, for the first time, a way for one Internet user to transfer a unique piece of digital property to another Internet user, such that the transfer is guaranteed to be safe and secure, everyone knows that the transfer has taken place, and nobody can challenge the legitimacy of the transfer.” Bitcoin’s real differentiating factor is the blockchain, which enables geographically distributed parties who do not trust each other to transact in a virtual environment, without needing a third party.

The media has been all aflutter recently with commentary on bitcoin’s plummeting price, but I’ve long been of the mind that this doesn’t matter anyway. Bitcoin is much more useful as payment rails, an enabler of transactions on an open, global network — in other words, an “IP layer” for this type of payment system. Stripe CTO and Stellar Foundation advisor Greg Brockman described the concept of bitcoin as protocol in his excellent blog post on the matter.

Stellar is a fork of Ripple. It also draws a great deal from Bitcoin, and is optimized for the specific use case of transferring value between pairs of currencies. While Stellar as currency has a market value, its core utility is serving as a conversion path between other currencies as a protocol. The network is composed of gateways, and users hold balances with gateways. As a user, I can make a deposit with a gateway and in return I receive an amount of credit which I can then use to send money in various currencies to other people on the network. This means that using Stellar as an intermediary, I can make a deposit to a gateway in USD and then send Euros to my grandmother in Italy without ever actually having any Euros. The network will pair me with another user who wants to convert euros to dollars and fulfill both sides of the exchange order.

One of the major differentiating factors between Stellar and Bitcoin is that the former requires trust, while the latter does not. If you’re using an intermediary like Coinbase, Circle, or an exchange, you are trusting them, but that’s not ultimately necessary in order to use Bitcoin. This requirement of trust might seem trivial, but it’s actually a huge differentiator. Unlike Bitcoin, which is asset-based, Stellar (like its precursor Ripple) is a debt-based network, meaning that while Stellar is an asset, the other currencies on the network are issued as debt instruments, and exist as balances. Stellar users have to trust the gateway cold wallet, which is how they receive funds. You can choose the amount of trust you place in a given gateway, denominated in the balance you hold with it. Still, you have to trust that when the gateway tells you it will allow you to withdraw a certain amount of money in a given currency in exchange for your credits, it will actually do so. If not, it’s completely irrational to use the system in the first place. The network’s ability to operate is a function of whether this kind of trust is present.

Bitcoin relies on mathematical proof rather than faith and goodwill. In the financial world, you don’t want to hope that someone can be trusted, you want to know so. It’s entirely rational, and in that sense — in that it doesn’t require trust — Bitcoin is superior. Ultimately, however, what matters is not just whether something is theoretically superior, but whether it works in practice. If it does, and it actually provides value to its users, they will be willing to look past its shortcomings and use it regardless. Stellar has the potential to make this happen; reliance on trust will not necessarily be a hindrance to its adoption or an indicator that the project will fail.

Countless studies indicate that people are inherently bad at evaluating risk. In the past few months, a series of security breaches affecting traditional payment networks have given consumers every reason not to trust them. Personal data of somewhere between 70 and 110 million people was stolen from Target. Fifty million credit card numbers were stolen from Home Depot. JP Morgan Chase announced it suffered a monumental data breach in which data about 76 million households and 7 million small businesses was stolen. In 2014 alone, there have been nearly 600 data breaches, yet most consumers seem entirely unfazed and haven’t changed their behavior at all in response. While it’s true that consumers don’t actually lose money in the process and the inconvenience of ordering a new card is relatively small, the credit card companies are eating the loss, and those costs are ultimately passed back to the consumer. Bitcoin and other cryptocurrencies can avoid this entirely, as personal identifying information (PII) is never attached to a transaction.

I see two main causes at play for consumers’ apparent lack of concern at the data breaches affecting them: a preference for convenience over security, and a deeply-ingrained inclination to trust. Society is predicated on such an inclination. As David DeSteno writes in The Truth About Trust, “the potential benefits from trusting others considerably outweigh the potential losses on average. The ever-increasing complexity and resources of human society — its technological advancement, interconnected social capital, and burgeoning economic resources — all depend on trust and cooperation. . . . More can be achieved by working together than by working alone. That’s why we trust — plain and simple. The need to increase resources — whether they be financial, physical, or social — often necessitates depending on others to cooperate.” Amazingly enough, for the most part this strategy is actually successful; when I got to the apartment in LA, I found the key under the pot exactly as promised.

Being distrustful is a consistent psychological burden, one which consumers generally reject. If we can’t be convinced to do something as simple as change our passwords in the face of known security breaches, it’s unlikely that concern for a hypothetical scenario in which a gateway doesn’t pay out will keep us from adopting Stellar. Right now the number of people using Stellar is too small to make any claims about the network’s long term fungibility, but I’m looking forward to seeing the ecosystem develop.

Care About Your Financial Privacy? HD Wallets Are Your Friend

Maintaining privacy of transactions is a key tenet in building a robust financial network. Despite all the media hype around Silk Road and the like, this is true even if you’re engaging only in perfectly licit behavior. The beauty of the blockchain lies in its decentralized, open nature, but because of those very characteristics, specific actions need to be taken to protect bitcoin transactions and balances from being exposed in undesirable ways. Users can inadvertently reveal sensitive information about themselves and their transaction history if they use a single address for all of their bitcoin activity, which is the default behavior of many wallets today.

When bitcoin addresses are used multiple times, transactions can be linked to one another, and if it becomes known who the participants were in any one such transaction, a large amount of that address’ transaction history can be exposed. For instance, say you work at a company that pays its employees in bitcoin. You would of course know the address that is generating the transaction that pays you, and because the blockchain is public, you could also see the other transactions that were broadcast to the network by that same address. This could allow you, or anyone else who knows the source address, to infer private information around colleagues’ compensation, company ledgers, etc. Both individuals and organizations holding sizable amounts of bitcoin have good reason to avoid linking their addresses and transactions to their identity in a way that is visible to the general public, which could result in targeted theft attempts — or worse.

Bitcoin Improvement Proposal 32 (BIP 32), a specification for how to use cryptographic key derivation to manage multiple keypairs with a single secret key, helps reconcile privacy and security concerns. Hierarchical deterministic wallets (also known as HD wallets, but not to be confused with high definition!) offer increased privacy without adding to the burden of managing a large number of keys.

Great, so where do you get an HD address? There are a number of providers, but obviously I’m going to recommend BitGo’s. In addition to pioneering multi-signature (BIP 16) addresses, BitGo has made all of its wallets HD, which means that every time a transaction is made with a BitGo address, it is rotated so it appears to the outside world as a new account. However, you don’t need new private keys for this account, because the new keys are derived from your HD keychain.

Hierarchical deterministic wallets are just one of several types of deterministic wallets. More broadly speaking, these allow keys to be derived from a single seed. Using the seed alone, users can back up and restore their wallet, but unlike traditional wallets, deterministic wallets need to be backed up only once and then remain backed up forever, because all future addresses are determined in advance. This also allows for more efficient key management, as they can be trimmed down to a very small size that can be easily stored in paper format, such as on a QR code. Non-deterministic wallets become larger, more cumbersome, and harder to back up over time.

In HD wallets, a seed is used to generate a tree of keypairs. Hierarchical deterministic wallets enable selective sharing because an entire tree of keypairs is created, rather than a single chain. Standard deterministic wallets only include one chain of keypairs, which means that a user would effectively be sharing the entire wallet with someone if she or he wanted to share any of the keys. With an HD wallet, the user would instead have the ability to share some, but not all, of the public keys.

Multi-sig and hierarchical deterministic wallets are critical foundational technologies which BitGo has invested a great deal of time and resources into implementing, but wide adoption of these standards by major players in the space can only benefit the ecosystem as a whole. BIP16 and BIP32 bring together the security offered by multiple keys and the privacy offered by transaction confidentiality – and that’s a marriage we can all get behind.

Network Security and Proof of Work: Do We Need an Alternative?

The Bitcoin protocol is designed using a proof of work mechanism, which determines who is permitted to sign the transactions that need to be verified. A proof of work (PoW) is a piece of data which is computationally difficult to achieve, meaning that it required a lot of either time or hashing power (or both) to find the solution, but it’s easy to verify that this work was actually completed. Bitcoin uses a proof of work algorithm called hashcash, which has been around a lot longer than bitcoin itself, and was created with the purpose of being an anti denial-of-service (DOS) measure. Hashcash is fairly versatile and can be implemented with a number of functions; bitcoin uses hashcash-SHA256^2.

The proof of work consists in finding an input whose hash is a number below a certain target value, and in doing so the miner essentially “proves” that she performed a certain amount of “work” in trying various inputs. If I input a string into the SHA-256 hash function, there is no known way of predicting what the output will be short of computing it. Trial and error is the only way to find an input that will generate a hash that fits the desired criteria. In theory, you could nail it on the first try, but the probability of this happening is very small.

Given the current combined hashing power of the network, on average a solution is found every 10 minutes, at which point the block has been mined and the bitcoins are released as a reward. Every 2016 blocks, which ends up being approximately every two weeks, the algorithm moderates itself and either increases or decreases the difficulty of the problem. In practical terms, this means that it either increases or decreases the target value, so it’s easier or harder to find a value below it. This ensures a relatively smooth rate of release for newly mined bitcoins, and avoids flooding the market with coins at any given time.

It doesn’t matter whether I am using a supercomputer or a laptop to do the proof of work; it’s simply that with a supercomputer I can go through the attempts much faster, which means I have a higher chance of solving the problem before anyone else and therefore claiming the reward. The only thing that is important is how many hashes I can go through per unit of time, which is why the power of mining hardware is measured in MH/s, GH/s or TH/s (mega, giga and terahashes per second).

Some people in the cryptocurrency community have voiced the concern that miners may not be incentivized to continue mining if the price of bitcoin plummets, or simply because the reward for solving a given block decreases over time. Both are valid concerns but deserve to be addressed separately. In the first case, the assumption is that the reward amount would be too low for it to be worthwhile financially, and once all 21 million bitcoins have been mined this reward goes away entirely. Currently miners are primarily incentivized by the coinbase reward rather than the transaction fees, which is why many blocks end up with few transactions. Miners profit from the transaction fees, and the more transactions they include in a block, the more money they can make, but the opportunity cost of continuing to work on that block rather than go after a new one is high, as a competing block may win, rendering their work a waste of time and computing power.

Let’s assume that for whatever reason the price of bitcoin collapses, and therefore it is significantly less lucrative (net negative, once you factor in the cost of electricity) to mine. If miners are rational actors, most of them will stop mining, which is a problem for the network. The unintended consequence, however, is that mining would become dramatically less competitive, and therefore substantially more lucrative for those miners who continue to mine — at least in the short term. As I mentioned earlier, the algorithm self regulates to keep the average pace at which blocks are solved at around 10 minutes per block. As the bitcoin developer guide explains,

Every 2,016 blocks, the network uses timestamps stored in each block header to calculate the number of seconds elapsed between generation of the first and last of those last 2,016 blocks. The ideal value is 1,209,600 seconds (two weeks).

Based on a comparison to the ideal value, the algorithm either increases or decreases the difficulty of the problem to solve, essentially recalibrating to try and get as close to 1,209,600 seconds as possible. To date, the difficulty has increased as more and more advanced ASIC miners continue to be developed, and more computing power is needed to have a chance at being the first to solve a block. However, the algorithm can also self-regulate in the opposite direction, making it easier to solve the problem by increasing the target value. Difficulty can be decreased by as much as 75%. This component of the protocol is particularly brilliant in design, as it basically guards itself against market shocks that could be produced by sudden swings in the mining power being inputted at any given moment.
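The mechanism described in this section, as an added example that is not code from the original post or from Bitcoin itself: a nonce search with double SHA-256 against a target, the one-hash verification, and the 2,016-block retarget with the factor-of-four clamp that produces the 75% limit mentioned above. The header bytes and function names are constructed for illustration, and the target is kept as a plain integer rather than Bitcoin's compact encoding.

```python
import hashlib

TARGET_TIMESPAN = 1_209_600   # ideal seconds per 2,016 blocks (two weeks)
MAX_TARGET = 2**256 - 1       # simplified ceiling; Bitcoin uses a lower limit

# Constructed stand-in for a block header; a real header is 80 structured bytes.
SAMPLE_HEADER = b"constructed-demo-header|prev=00..00|merkle=11..11|time=0"


def pow_hash(header: bytes, nonce: int) -> int:
    """hashcash-SHA256^2: hash twice and read the digest as a little-endian
    256-bit integer, which is how Bitcoin compares it with the target."""
    data = header + nonce.to_bytes(4, "little")
    digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
    return int.from_bytes(digest, "little")


def verify(header: bytes, nonce: int, target: int) -> bool:
    """Checking a claimed solution costs one double hash."""
    return pow_hash(header, nonce) <= target


def mine(header: bytes, target: int, max_nonce: int = 2**32):
    """Trial and error over the 32-bit nonce space; returns the first nonce
    that satisfies the target, or None if the space is exhausted."""
    for nonce in range(max_nonce):
        if pow_hash(header, nonce) <= target:
            return nonce
    return None


def expected_attempts(target: int) -> float:
    """Average number of hashes needed: each try succeeds with
    probability (target + 1) / 2^256."""
    return 2**256 / (target + 1)


def retarget(old_target: int, actual_timespan: int) -> int:
    """Scale the target by actual/ideal time for the last 2,016 blocks.
    The measured timespan is clamped to [ideal/4, ideal*4], so the target
    can at most quadruple (difficulty falls 75%) or shrink to a quarter."""
    clamped = min(max(actual_timespan, TARGET_TIMESPAN // 4), TARGET_TIMESPAN * 4)
    return min(old_target * clamped // TARGET_TIMESPAN, MAX_TARGET)


if __name__ == "__main__":
    target = 2**244                      # easy demo target: about 1 hit in 4,096 tries
    nonce = mine(SAMPLE_HEADER, target)
    print("nonce found:", nonce, "valid:", verify(SAMPLE_HEADER, nonce, target))
    print("expected attempts:", round(expected_attempts(target)))
    # Hash power collapses and the last 2,016 blocks took ten weeks:
    slow = retarget(target, 5 * TARGET_TIMESPAN)
    print("target grew by factor:", slow // target)   # clamped to 4
```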

Even if the bitcoins they are mining are worth substantially less post crash, if the miners believe that the expected future value of their bitcoins is significantly greater than it is at present, then it would make sense to continue mining. Alternatively, if a large percentage of miners quit because they didn’t anticipate the future value of bitcoin to make their present expenditure worthwhile, the new environment could still attract a new class of miners who are not currently mining because they don’t have the hashing power needed to make it lucrative, but if competition decreased dramatically, it would be. Presumably at this point other miners who had been mining previously would also see this and start getting back into the game, which would ultimately increase competition and start driving things in an upward direction again.

The likelihood that we see a huge drop in the price of bitcoin also decreases substantially over time, as it becomes less probable as the network expands. One of the main reasons bitcoin prices have been fairly volatile to date is that the network (by which I mean the number of consumers with wallets and merchants who accept bitcoin as a form of payment) is still relatively small. Bitcoin’s market cap has been hovering between 7 and 10 billion dollars, which means that any hedge fund worth its salt could take a position and dramatically swing the market. Bridgewater Associates, for instance, is the world’s largest hedge fund with $150 billion in global investments under management. In theory, they could buy ALL the bitcoins that have been mined to date 19x over, and still have enough left to throw in six Instagram acquisitions in for fun. And that’s only one of the top funds. Because the market cap is small, bitcoin to date has been subject to the whims of large actors; as the cap increases, there’s a strong chance that this will change.

There’s also the issue to consider that even in the absence of a price crash, incentives to mine naturally decrease over time as the amount of bitcoin received as a reward for mining a block is halved every 210,000 blocks, or approximately every four years. There is reasonable cause for concern that without the incentives provided by block rewards the network will no longer be secured, in that the transaction fees will not be sufficient to support the cost of securing the network. This is a manifestation of the game theory concept of the “Tragedy of the Commons” in which no individual actor wants to perform work or contribute to the community because he believes that he can reap the benefits regardless, but when everyone behaves this way, the system ends up collapsing and leaves everyone worse off. No one wants to pay transaction fees, but if everyone avoids paying them, the miners will have no incentive to keep security levels high, which could result in a systemic collapse.

To some extent, the point in time at which this problem becomes a reality will depend on the price of bitcoin, and no one can accurately predict when the network will reach that point, but even if prices continue to grow this is likely only a case of delaying the inevitable. If a bitcoin today is worth $600 and I receive 25 when mining a block, and in ten years I only receive 6.25 bitcoins for doing the same work, yet each one is worth $100,000, mining still makes a lot of sense. Even considering the investment in mining equipment, assuming that the amount of electricity I will have to expend will be higher, and discounting for 2-3% annual inflation, there’s still a substantial potential upside. There are a number of external factors (exact cost of electricity, price of ASICs or other mining equipment, etc) that will play into this and influence whether the network incentives to mine remain high enough, so it is worthwhile considering other mechanisms, prominent amongst which is proof of stake.

Proof of stake (PoS) is an idea that came about as an alternative solution to proof of work, primarily as a safeguard to some of the original protocol’s perceived shortcomings. Apparently it was first proposed in 2011 in the bitcoin talk forum by “QuantumMechanic”, and since then several models for implementation have been developed. A proof of stake scheme is similar to proof of work in that it is also a mechanism for determining who will sign the transactions in a given block, but instead of relying on hashing power, it uses ownership as the deciding factor. Simply put, if Alice holds 5% of all coins, she has the ability to mine 5% of the blocks.

Theoretically this should increase network security by making it more difficult to mount a 51% attack. In order to do so, someone (probably a mining pool) would have to control over half of all coins in existence, which is much harder to do than controlling 51% of the hashing power. It’s worth considering that this isn’t impossible, as a large centralized pool could form and come to control over half the coins in circulation through a combination of owned coins and loans, for example. Realistically, however, in a proof of stake situation it wouldn’t make much economic sense to mount this type of attack. It would substantially reduce confidence in the network’s security, and likely cause the price to plummet. By crashing the value of a coin in which it is so heavily invested, the malicious mining pool would essentially be shooting itself in the foot. To some degree this is also true in a PoW scenario, but the disincentive is much stronger where PoS is being applied.

Although there’s no way to know exactly if and when an alternative to proof of work will become necessary due to a lack of mining incentives, a proof of stake scheme could also be a desirable solution for environmental and efficiency reasons. Since the proof of work process does not actually solve real-world problems, the energy is essentially burned without a real return, which is suboptimal. Implementing PoS, either in the form of a fork from the main proof of work blockchain or via the use of an altcoin that uses it (i.e. Peercoin, or something similar) could be significantly less costly than bitcoin mining as it currently stands, because the current system gobbles up a huge amount of electricity. Because PoS uses far less energy, as almost none is expended in the mining process, it would be substantially cheaper to make a profit mining than in a PoW scenario. It would also meaningfully reduce transaction fees in the long run, as miners wouldn’t have to charge high fees in order to cover their power and hardware costs.

We still lack a perfect solution to all these issues, and PoS is not a panacea either. One problem I see with implementing a PoS mechanism is that it could cause illiquidity in the market and lead to great concentrations of wealth. Miners would be incentivized to hold their bitcoin in order to be allowed to mine more, and therefore large concentrated pools of currency would accumulate. Currently, miners have an incentive to convert some of their mined bitcoins into dollars by selling them, but this is largely true because of a) price volatility – it is still risky to hold everything in bitcoin and b) there are still many assets that cannot be purchased using bitcoin. If PoS were implemented, and as both a) and b) become less relevant as the network expands, this could lead to a vast majority of coins being held by very few.

Despite the considerable improvements that proof of stake offers over proof of work in certain spheres, ultimately neither proof of work nor proof of stake offers a perfect solution to long-term network security concerns. Still, both clearly have useful characteristics which, applied in conjunction, could help overcome some of their own shortcomings. Just as I was wrapping up this writeup, Ryan Selkis passed along a fascinating paper by Bentov, Lee, Mizrahi, and Rosenfeld which proposes a third option, called Proof of activity (PoA). PoA is predicated on the belief that neither PoS nor PoW are flawless, and seeks to pull in some of the better aspects of both. Given that this piece has already gotten quite lengthy in just looking at proof of work and proof of stake, I’ll write about the PoA paper separately sometime soon. The paper, titled “Proof of Activity: Extending Bitcoin’s Proof of Work via Proof of Stake”, is fairly technical, but it’s very thorough and for those who are so inclined I definitely recommend a read.

Why You Should Probably Be Using a MultiSig Bitcoin Wallet

I would say I’m generally a jovial person, but if I woke up and realized I’d lost 7,500 bitcoins, I would encourage the rest of the world to back away slowly without making any sudden movements. Fortunately for the public good this hasn’t happened to me, but it did happen to an unfortunate fellow named Jeremy Howells. He became semi notorious in the bitcoin community for accidentally disposing of his hard drive with the keys to all his bitcoins on it.

We’re still in the early stages of bitcoin’s life cycle, and five years is like the blink of an eye in currency-years. There is a strong trend toward mass adoption (5 million wallets growing 8x year over year, according to Mary Meeker’s annual report), but we’re not there yet. As things currently stand, there’s a fundamental disconnect in usability and control. You can choose to keep your private keys yourself in what is known as a client-side wallet, or you can hand them over to another party which stores them for you in a web wallet. When you do the latter, you’re trusting that they are taking appropriate security measures, and keeping at least the majority of your bitcoins in cold storage. Unfortunately, Mt. Gox and other recent fiascos prove that this isn’t always the case, which is why the safest thing to do is probably to diversify your holdings by using a variety of wallets so if one gets hacked, you don’t lose everything.

You probably like things to be easy; most people do. Many users simply don’t want the headache of thinking about security, which is the appeal of a full-service solution that stores your private keys for you. The issue is problematic for more advanced or tech-savvy users, who generally want a heightened degree of security without sacrificing the ability to keep control of their assets.

Conveniently enough, the Bitcoin protocol can accommodate such a tall order. Pay to Script Hash (P2SH) is a type of bitcoin address that was introduced as part of Bitcoin Improvement Proposal 16 (also known as BIP 16), as of early 2012. P2SH addresses can be secured using a more complex algorithm than standard addresses and involve the use of multiple Elliptic Curve Digital Signature Algorithm (more commonly known as ECDSA) keys, rather than only one.

Multi signature wallets allow users to maintain direct control over their bitcoins while also removing some of the security burden from them. In the event that one of their private keys is lost or stolen, it’s no longer a catastrophe. The concept in m-of-n signature schemes is fairly simple, at least at an abstract level: in order to complete a transaction, more than one private key (m) is needed out of a total number generated (n). In a 2-of-3 scenario, you would need two out of a total of three keys to withdraw money, but the process for deposits is the same as it would be for a standard address. You can then approach distributing and storing the keys in various ways. You could hold one key, you could give one (the backup) to a trusted friend or relative, or even store it yourself in a different location from the “main” key, and the third key would be held by yet another party, such as the company offering the service. BitGo is at the forefront of implementing multisig addresses, so I recommend you check them out.

It’s significantly harder for someone to steal two private keys than one, which adds an additional safety net against theft, both physical and digital. It’s more secure than a traditional digital signature setup, and it also offers more protection from human error. If I accidentally go into spring cleaning overdrive and toss out my hard drive with my private keys on it, I can still access my bitcoins using the backup key.

The reason I like multi signature addresses and wallets is that unlike having a vault that is simply insured, they use technology to secure the coins. It’s an actual advancement in the protocol that permits this type of address to be created and used. Insurance does not actually solve the problem of loss or theft– it merely corrects the wrong after the fact. It’s more bandaid than preventative care. It does not offer an advance in technology, as the burden falls on the insurance company; there’s no real gain over insuring a gold ingot, for example. I have no doubt that insurance covering bitcoin assets will become industry standard in the next few years, but if bitcoin ends up requiring all the same cumbersome financial infrastructure as the current system, we will have gone full circle while making little real progress.

I’ve really only looked at the application of multisignature transactions and wallets for security purposes here, but they can also be applied to escrow and transactions involving digital payment for physical goods. They can also be used in institutional or company settings, where more than one person is needed to sign off on something before funds can be released, for instance. The other applications deserve their own post so I’ll address them at a later date.

Is the US Finally Getting It Right?

I don’t usually feel like patting the Federal Reserve on the back, but today just might be an exception. Perhaps it’s the fact that I’ve come to expect the government to screw up, or just the fact that I am endlessly fascinated with bitcoin’s potential, but I think there’s a great deal to feel good about in how the United States is approaching cryptocurrencies these days.

The Federal Elections Commission recently approved bitcoin donations to political campaigns, and although the $100 contribution cap limits its utility, it’s an important first step. A number of US state regulators are working on writing regulation that provides some clarity on the rules surrounding virtual currency and related consumer protections. Even that slow-moving monolith affectionately known as the Federal Reserve is starting to form an opinion – and astoundingly, it’s not bad at all.

Let’s take a step back from domestic politics to the current international landscape. Today, the US remains the uncontested world hegemon. India is the world’s largest democracy, and we’re up to our eyeballs in debt with China, but as far as both political power and national wealth, the United States is still unparalleled. We seem to be doing our best to relinquish that position, however – our education system leaves much to be desired, particularly in the crucial STEM fields. According to a number of studies, American fifteen year olds lagged far behind most Asian countries on an international math, science, and reading test. Although China as a whole didn’t participate, Shanghai crushed us — and everyone else — taking the top slot in all three subject areas. It’s not just China, either: Estonia is now teaching coding in its primary schools. Some will argue that many of the best programmers are self-taught, but no harm in getting an early start.

Much of that power and wealth that has brought the US to prominence originated from innovation in STEM fields, and a lot of that talent was imported. At the moment, however, we’re also not doing terribly well in the recruiting department. If we don’t get our act together in facilitating immigration for highly skilled individuals, we risk losing access to a tremendous pool of human capital. Granted, it’s a bit dated, but this study by the Kauffman foundation shows that in Silicon Valley, over 50% of startups were founded by immigrants, and in 2005 alone those companies generated a cool 52 billion dollars in revenue. Not bad.

Stats like these only serve to highlight the urgent need for the US to loosen the legislative environment around immigration, particularly where highly-skilled workers are concerned. Despite the clear benefits it brings, this is a painfully slow and highly politicized process, and perhaps the only reason bitcoin hasn’t suffered the same fate to date is that it is not closely associated with one side of the aisle.

Whereas the United States has great room for improvement in both its approach to education in STEM fields and its policies toward immigrants, one key driver of innovation where it hasn’t failed yet is in its approach to virtual currencies. Bitcoin is still in its nascent stages. As such, there are gains to be had from first mover advantage, not just from an entrepreneurial standpoint but from a regulatory one as well. Bitcoin’s origins are murky, and since no country can claim ownership, it truly is a global project.

It’s becoming increasingly evident that Bitcoin, both the currency and the protocol, has the potential to significantly change the direction of the next twenty-plus years. What direction that ends up being, however, remains to be seen. And because the landscape is still largely malleable, it offers a unique opportunity for a power other than the United States to rise to dominance. Given the initial excitement of the Chinese markets toward bitcoin, and the instrumental role they played in driving up prices dramatically at the end of 2013, it seems that China would be well poised to assume that role.

I am not advocating for a global political landscape in which China is the ruling power, or more broadly one in which Bitcoin is the means through which one country rises to dominance over another. There are few periods in history, however, in which we did not see this type of geopolitical system in action. Perhaps I read too much Kindleberger in college, but I don’t think it unreasonable to argue that a system with one clear hegemon is more stable than one in which many nations share similar levels of power. Whether in fifty years that is the US or another country remains to be seen, but I would be surprised if bitcoin didn’t play a role in determining the outcome. At an absolute minimum, widespread adoption of bitcoin has the potential to detract from the dollar’s de facto status as global currency, and offer places like Panama and Zimbabwe which currently use the USD a more neutral alternative.

The other week I quipped on Twitter that China enjoys banning things I’m into (bitcoin obviously, and I work at Facebook). What these things have in common is not that I am involved with them (although my ego would love to believe otherwise) but that they are powerful. They have the power to shift behaviors and paradigms of human interaction.

The Chinese government is clearly afraid of bitcoin, which is a testament to its potential. If it weren’t disruptive, they wouldn’t bother banning it. Even the bans to date, however, come across as half-hearted. Perhaps Xi Jinping and the rest of the Chinese government are just trying to keep a close eye on the situation while they await developments and formulate a long-term strategy. What I find most fascinating is that other governments, particularly the Chinese, would be well poised to capitalize on that potential rather than suffer from it if they chose to strategically guide its adoption instead of banning it altogether. Eventually these things come to a head, and it’s not often pretty when they do.

As Marc Andreessen mentioned in his recent interview with the Washington Post, the Snowden revelations have seriously undermined international trust in the American tech industry – and this is just the latest in the saga of reasons for which many countries don’t like us in the slightest. They’re friendly because it’s necessary, but there’s no love lost. Insofar as bitcoin offers the opportunity for many governments to add a degree of separation between themselves and the US by cutting out dependence on the dollar, it is a highly appealing proposition, but at the moment this is not being reflected in these countries’ legislation. By forging an environment that facilitates rather than hinders bitcoin adoption, the United States has the opportunity to stay ahead of the international financial game. It will be interesting to see whether the US is able to keep the momentum up.

Game Theory, Assurance Contracts, and Crowdfunding with Bitcoin

One of my majors in college was international politics, and among the course requirements were a number of classes on game theory. It was one of the most interesting parts of my coursework, but I am sure I wouldn’t have believed it if I’d been told that a few years later I’d be spending an afternoon, of my own volition, writing about using the Bitcoin protocol to create assurance contracts.

The free rider problem in game theory posits that there are situations in which the creation of a public good (for example, building a road) will provide utility to a group of people and leave everyone better off. However, if there is no way of excluding those who did not contribute, many will make the rational decision to not pay and yet still reap the benefits of others’ contributions. In some cases this means that the public good will not be created, and utility is lower for everyone. Assurance contracts represent a way of solving the issue by ensuring that people actually contribute. In one of these binding contracts, a group of people agrees to fund a certain public good when a financial threshold is met. If the project is fully funded, the public good is provided, and if it is not, then the money is returned to those who pledged it.

Another interesting twist is the ability to create dominant assurance contracts. In game theory, a dominant strategy is one that is the best course of action regardless of what the other actors in a scenario do. In an assurance contract situation, a dominant strategy would involve having the entrepreneur agree to pay a certain amount of money back to the contributors in the event the project wasn’t funded. Although this increases the risk for the entrepreneur, it also increases the probability the project will be funded. For the potential contributors, this setup ensures a win-win situation, where funding the project is always the best strategy – they either get the  good, or their money back plus some. I won’t go into great depth about creating dominant assurance contracts with Bitcoin here, but if you’re interested here’s a solid explanation. 

The binding nature of the assurance contract dictates that there must actually be someone enforcing it. This has historically been a third party like a government, a mediator, an escrow service, etc. Reliance on a third party can be problematic in a number of ways, among them the fact that there’s not necessarily a way to ensure they will operate fairly. In international scenarios involving multiple countries trusting one another, there’s no greater power who can offer that assurance. (The UN was supposed to offer this, but sadly it holds very little real power – consider that in 2010 for instance, only 13 of 193 countries paid their dues on time, and the US itself owed roughly $1.2 billion in arrears.) In situations like this, having an independent arbiter would be key — and better yet one that is not corruptible and technology rather than human-based. Enter the Bitcoin protocol.

The basis of crowdfunding platforms like Kickstarter and Indiegogo is the same – they operate as the third party who collects funds from backers and then releases money to the project creator when the threshold is met. With Bitcoin, the need for a third party is removed and the process can be handled by the technology.

Here’s how it would work:

  1. Alice, an entrepreneur, decides to fundraise for the launch of her new product. She announces that the good will be produced if she can raise 100 BTC, and opens up contributions to anyone. She also creates a new address.
  2.  Everyone who wants to contribute creates a new transaction that spends whatever amount they are pledging to the address Alice provided. They don’t broadcast the transaction. There are a few key differences from a regular transaction: A) Contributors can’t have any change. If they don’t have an address with an output of the right amount, they can create a new one by spending money to one of their own addresses. B) The input script signature is signed with SIGHASH_ALL | SIGHASH_ANYONECANPAY. C) The output value is set to 100 BTC, which is the funding threshold set by Alice.
  3. The transaction is uploaded to Alice’s server, which saves it to disk. It keeps a count of how many bitcoins have been pledged.
  4. When the funding threshold is met, the server merges the individual transactions into a single new one with only one output. That output is then spendable to the address Alice created, and the inputs are collected from the contributors.  Earlier, the transaction was not valid and couldn’t be completed, because the inputs did not match the output. When total contributions reach the 100 BTC threshold, inputs match outputs, and the transaction becomes valid.
  5.  The final transaction is broadcast to the network, sending the contributions to Alice’s address.

The Bitcoin protocol has several properties which make it perfect for crowdfunding and render the above steps possible.

  • The fact that the transaction is not valid if inputs do not match output means that Alice cannot spend the bitcoins she receives until the threshold is met. This ensures that contributors can send her a pledge safely, knowing that it can only be spent when the total project is funded.
  • SIGHASH_ALL means that every part of the transaction is signed with the exception of the input scripts. This is important as it allows the inputs to change (as occurs every time a new contribution is added) without breaking the transaction. If the outputs change, however, the transaction does break. SIGHASH_ANYONECANPAY is an additional modifier that means the signature only covers the input it’s found in – the other inputs are not signed and thus can be anything.

**One thing to be aware of is that the transaction isn’t actually spent until the total threshold is met, so contributors have to be careful not to forget about it and accidentally spend the same transaction twice.
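The pledge scheme above hinges on what each contributor's signature commits to. The following is an added example, not code from the original post or from any Bitcoin implementation: it computes the legacy (pre-SegWit) signature digest for SIGHASH_ALL with and without SIGHASH_ANYONECANPAY and checks it against a merged transaction. No ECDSA signing is performed, and the backer names, scripts and coin ids are constructed stand-ins.

```python
import hashlib
import struct
from dataclasses import dataclass

SIGHASH_ALL = 0x01
SIGHASH_ANYONECANPAY = 0x80
PLEDGE_HASHTYPE = SIGHASH_ALL | SIGHASH_ANYONECANPAY  # 0x81
COIN = 100_000_000  # satoshis per bitcoin


@dataclass(frozen=True)
class TxIn:
    prev_txid: bytes    # 32-byte id of the transaction holding the pledged coin
    vout: int           # index of the output being spent
    value: int          # satoshis in that output (known from the chain, not serialized)
    script_code: bytes  # scriptPubKey of the output being spent
    sequence: int = 0xFFFFFFFF


@dataclass(frozen=True)
class TxOut:
    value: int
    script_pubkey: bytes


def varint(n: int) -> bytes:
    """Bitcoin's variable-length integer encoding."""
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + struct.pack("<H", n)
    if n <= 0xFFFFFFFF:
        return b"\xfe" + struct.pack("<I", n)
    return b"\xff" + struct.pack("<Q", n)


def sighash(inputs, outputs, index, hashtype, version=1, locktime=0) -> bytes:
    """Digest that the signature on inputs[index] commits to (legacy rules)."""
    if hashtype & 0x1F != SIGHASH_ALL:
        raise ValueError("only SIGHASH_ALL, with or without ANYONECANPAY, is modelled")
    if hashtype & SIGHASH_ANYONECANPAY:
        covered = [(inputs[index], True)]  # only the signer's own input
    else:
        covered = [(txin, i == index) for i, txin in enumerate(inputs)]
    buf = struct.pack("<I", version) + varint(len(covered))
    for txin, is_signer in covered:
        script = txin.script_code if is_signer else b""  # other scriptSigs are blanked
        buf += txin.prev_txid + struct.pack("<I", txin.vout)
        buf += varint(len(script)) + script + struct.pack("<I", txin.sequence)
    buf += varint(len(outputs))  # SIGHASH_ALL: every output is covered
    for out in outputs:
        buf += struct.pack("<q", out.value)
        buf += varint(len(out.script_pubkey)) + out.script_pubkey
    buf += struct.pack("<I", locktime) + struct.pack("<I", hashtype)
    return hashlib.sha256(hashlib.sha256(buf).digest()).digest()


def is_fundable(inputs, outputs) -> bool:
    """A transaction may not create more value than its inputs supply."""
    return sum(i.value for i in inputs) >= sum(o.value for o in outputs)


def p2pkh(tag: bytes) -> bytes:
    """Constructed pay-to-pubkey-hash script; the 20-byte hash is a stand-in."""
    return b"\x76\xa9\x14" + hashlib.sha256(tag).digest()[:20] + b"\x88\xac"


def pledge(name: bytes, btc: int) -> TxIn:
    """Constructed coin owned by a backer."""
    return TxIn(hashlib.sha256(name).digest(), 0, btc * COIN, p2pkh(name))


GOAL = [TxOut(100 * COIN, p2pkh(b"alice"))]  # the single 100 BTC output
BOB, CAROL = pledge(b"bob", 40), pledge(b"carol", 60)


def demo() -> dict:
    alone = sighash([BOB], GOAL, 0, PLEDGE_HASHTYPE)
    merged = sighash([BOB, CAROL], GOAL, 0, PLEDGE_HASHTYPE)
    redirected = sighash([BOB], [TxOut(100 * COIN, p2pkh(b"other"))], 0, PLEDGE_HASHTYPE)
    return {
        "pledge_survives_merge": alone == merged,
        "pledge_breaks_if_output_changes": alone != redirected,
        "plain_sighash_all_breaks_on_merge":
            sighash([BOB], GOAL, 0, SIGHASH_ALL) != sighash([BOB, CAROL], GOAL, 0, SIGHASH_ALL),
        "fundable_with_bob_only": is_fundable([BOB], GOAL),
        "fundable_with_both": is_fundable([BOB, CAROL], GOAL),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Bob's digest is the same before and after Carol's input is merged in, which is why his signature stays valid, while pointing the output anywhere else produces a different digest.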

Applying the Bitcoin protocol to assurance contracts and crowdfunding allows us to abstract to technology what could be a very manual process of collecting funds. It removes the roadblock of finding a shared, trusted third party arbiter, which can be particularly difficult – if not impossible – in tense international scenarios, and undesirable in other cases as well. The most incredible thing about it is the enormous range of instances in which it can be used – literally from raising money for a third grade field trip to accepting international contributions to build a refugee camp in a war-torn region. I’d say that’s some legitimate added value — not bad for fake internet money!

What the IRS Ruling Actually Means for Bitcoin

There have been a lot of rumblings since the IRS ruling on bitcoin earlier this week. For those of you who don’t feel like sloshing through several pages of legal drudgery, a brief summary:

  • Bitcoin and other virtual currencies have been deemed property rather than currency, which means they will be subject to capital gains tax when they are sold.
  • Bitcoin ‘investors’  or holders are treated essentially like stock investors.
  • Similarly to stocks, the rate bitcoin is taxed will depend on how long the bitcoins have been held. If they’ve been owned for over a year, the rate is a maximum of 23.8%. If they’ve been owned for less than that, they’re taxable at up to 43.3%.
  • If you’re unfortunate enough to have capital losses, you can deduct up to $3,000 worth of those from your ordinary income.
  • If you’re mining, you’re expected to report the fair market value of the coin as of that day, and it’s taxable as gross income.
  • If you’re paid in bitcoin, you have to pay taxes on it with a standard W-2 (federal income tax withholding applies).

Many questions have been circulating as to what this implies exactly for the future of cryptocurrency, and how it will impact the rate of bitcoin adoption. From my perspective, the primary takeaway from the ruling is that people holding bitcoin will have to keep track of their transactions and report the capital gains on the currency from the time they acquired it to the time they made a transaction.

For instance, if I purchased one bitcoin at $100 and then used that a year later to buy a couch on, and by that point my bitcoin had appreciated to $500, I would have to pay a tax on the difference, in this case $400. This is a hassle. No one wants to keep track of every single purchase they make, and filing taxes is already about as much fun as stabbing yourself in the eye with a fork (which is probably why I still haven’t done it despite the rapidly approaching deadline of April 15, whoops).

Call me a starry-eyed optimist, but I’m excited anyway.

The ruling illustrates that we are approaching critical mass. By that I mean that we are nearing the tipping point at which Bitcoin will be too big to ignore or regulate out of existence. I tend to view bitcoin’s price as a long-term game and as such try not to attribute too much value to any single day’s price movement (also because I’d have to get a pacemaker, and I’m about half a century too young for that) but the market seems fairly unconcerned by the announcement. Movement has been minimal, and the little action we’ve seen has been upward. **This has changed since I originally wrote the post — but again, I view the price as a long-term gain.

I understand that for some, this is a bit of an ideological let down. At this point Bitcoin has attracted people of all political views, but it was originally very well aligned with libertarian ideals—which are of course at odds with big government, regulation etc. Realistically, however, it has always been a matter of time until regulation was put in place around it. Unless we suddenly collapsed into a state of anarchy, there is no way that the US government would permit a gigantic alternate economy to grow in parallel, organically, untouched. Failure to regulate would imply a tremendous loss of both financial and political power domestically, and from an international relations perspective likely weaken Washington’s image. It would also of course be a huge missed revenue opportunity.
** Of course there are reasons why a government might choose to keep regulations very loose or essentially non-existent, similarly to why some countries have lax tax policies, but I’m not going to delve into that here. 

Finally, I’m somewhat skeptical the ruling will stand exactly as it was just announced for several reasons.

  1. The IRS claims one of the factors contributing to the ruling of bitcoin as property is the fact that nowhere is it currently legal tender. This could change. Quick, somebody call up Tuvalu and ask them to make it their official currency! My bad jokes aside, it’s key to remember that the US is only one of many players in the bitcoin economy, and what ultimately happens in the US will probably be within the context of what other major state actors choose to do.
  2. Assuming that people actually abide by the rule and report every transaction when they make a purchase in bitcoin, that’s a heck of a lot of work the IRS has just created for itself. We’d then also have to assume that the IRS is able to track all of these transactions, which is questionable. Although bitcoin isn’t as anonymous as many people think, identifying participants in a given transaction can be tricky. That’s a lot of assumptions. Sifting through billions of these to verify if people are reporting every purchase seems like a task of monumental proportions, and one that is probably infeasible. Unless the IRS decides to relinquish control and just “take people’s word for it” (read: not happening), I am curious as to how exactly this would be implemented.
  3. This week’s announcement was not an actual regulation, and includes a request for comments from the public: “…the Treasury Department and the IRS request comments from the public regarding other types or aspects of virtual currency transactions that should be addressed in future guidance.” You have several options for writing in: you can mail or literally hand-deliver a letter (what?!), or you can email them at

An interesting and much more user-friendly option would be for the IRS to enact an exception similar to that which stands for taxing foreign currency. Under this ruling, “personal transactions” are excluded from those reporting rules, and if the same were extended to bitcoin, this would remove a lot of friction from the system. I hope upcoming Bitcoin rulings trend in this direction, but it will likely be years until definitive legislation is passed on the matter.

Note: I’m no tax lawyer, so all of the above is merely my interpretation of the ruling — I recommend you check it out yourself here.

How Do We Make Bitcoin User-Friendly?

One of the main criticisms of Bitcoin today is that it isn’t user-friendly. It’ll never catch on with the mainstream population, it’s destined to stay confined to a small group of hardcore techie users, and so forth.

I disagree.

I’ve stated before that the level of bitcoin adoption is closely tied to its usability, and that will change with the growth of an ecosystem of companies around it. Some companies are already making it easy to use, and the latest among them is OneName, a decentralized identity system (DIS) with a user directory made of entries in a decentralized key-value store (the Namecoin blockchain). They’re basically applying the Bitcoin protocol to information— your username, bitcoin address, etc (see screenshot below) are stored in the namecoin protocol.

Aside from the fact that having your information in the blockchain is cool, (nerd alert, sorry) it’s also a great leap forward in terms of bitcoin’s usability. Up to this point, sharing your bitcoin address has been cumbersome. Unless you want to memorize a string of random numbers and letters, you have to resort to copy + pasting it to send to anyone who wants to pay you. There’s really no way to do so verbally without subjecting your interlocutor to auditory assault. Even assuming you felt like memorizing your address, there’s next to no chance that the poor recipient is going to remember more than one or two of the string of bits you’re spewing out.

It’s not the best user experience, and it’s different from handy apps like Venmo, in which you can find your friends by name via your email + social network contacts. OneName—which launched last week —brings the same ease of use to bitcoin.

To sign up for it, simply:

  1. Make a profile. Just one thing — OneName is decentralized in the purest sense of the word. They don’t hold your passphrase (the secret string of 12 words that, if entered into something like, returns your private key) so if you lose it, it’s unrecoverable. Don’t lose it.
  2. Direct anyone to your page on OneName (mine is
  3. Someone clicks the QR code and pays you. BOOM! Easy as

Aside from its clear added value from a usability perspective, the best part about OneName is that you retain complete control of your data— nobody owns or controls OneName.

“With Bitcoin, private keys provide us with complete control over our funds — nobody can move it without our permission. In the same way, OneName private keys provide us with complete control over our identities — no individual or entity can usurp our usernames or modify our public data or control the release of our private data without our permission.”

It’s also an open source project, and you can find the protocol specifications here.

Everyone wishes they’d heard about Twitter early enough to claim their name as a handle, but most people didn’t. You should probably snag your OneName handle before they get too big and yours is gone. OneName’s launch was accompanied by a firestorm of attention, (Albert Wenger and Fred Wilson of USV have both written about it already, in the context of decentralized identity) so that might be sooner than you think!

Why Isn’t Your Business Accepting Bitcoin?

Bitcoin has been blowing up the news lately, mostly with bad press stemming from Mt. Gox’s recent collapse. If you’re a business owner who is considering accepting the digital currency, this may be causing heart palpitations. Despite the temporary market unrest, there are huge opportunities for merchants to benefit from accepting bitcoin—I’ve outlined a few below.

Credit card fees usually run around 2-3%, which can make a considerable dent in the profits of businesses operating on low margins. With bitcoin, you can pay substantially lower fees (~ 1%) without needing a huge volume of transactions as leverage with the credit card company. And that’s only if you transfer your money back into local currency— if you keep in bitcoin, you can essentially avoid fees altogether.

It’s true that as your business scales, you can negotiate lower fees from existing CC companies. But let’s be honest: if you’re an entrepreneur, do you really want to spend your time haggling over a fraction of a percent with a rep in a call center on the other side of the planet? Don’t think so. There’s nothing quaint about it. You’re trying to build a company, and this isn’t a Moroccan spice market.

If you’re using a service like PayPal, you’re generally being charged a fixed rate of $0.30 per transaction, plus a percentage transaction fee based on volume. Bitcoin enables peer to peer (or individual to merchant) transactions at a very small scale, making micropayments much more viable than they previously had been, and transactions can be completed for less than half of the cost.

Let’s take a simple example in which you have a business with an annual revenue of 1M. Your credit card processor currently charges you 2% per transaction, or $20,000. If you switch to a bitcoin payment processor, say Coinbase or Bitpay, you can get very close to 1%. You just cut your bill in half, and saved $10,000 by essentially doing nothing.

I can think of a lot of things I’d like to do with $10,000, and giving it to a credit card company isn’t one of them. If you’re in need of inspiration, here’s a list of particularly fantastic things you can buy for 10k (personally, I think it’s a toss up between the hobbit home and the water thrusting jet bike).

Safety from Exchange Rate Risk
There’s no question that bitcoin has been volatile. It still is, and it would be shocking if it weren’t—very few big ideas reach maturity in a span as short as five years. Personally, I view dips in price as opportunities to buy more, but if the possibility that your money could be worth half as much tomorrow keeps you up at night, that’s understandable. The delightful thing is that you needn’t actually hold any of the bitcoin you receive as payment. Most merchants who currently accept it set prices in their local currency and get paid in their local currency. Voilà! Bitcoin operates as the “payment rails”—it’s the medium through which the transaction takes place, but you don’t have to expose yourself to any exchange risk.

International Sales
Bitcoin transactions allow you to expand your markets to basically anywhere, so long as you’re willing to ship there (if you’re selling a physical product). You can accept payments from anywhere. Since there’s no intermediary bank, you don’t have to deal with waiting for ~3 days for the transaction to complete. You can also avoid transfer limits and outrageous fees. As they currently stand, international transactions are a hassle, and there’s a great deal of room for bitcoin to help streamline the process (Timothy Lee of the Washington Post wrote a good piece on this).

No Chargebacks
Chargebacks are quite a headache, and dealing with them can sap a considerable amount of time and energy that could be better spent growing your business. Bitcoin transactions are irreversible, which means that you needn’t worry about chargebacks.

It’s still early enough in Bitcoin’s adoption that there are press stories to be written about “the first xxx” to accept bitcoin in a given city or town. Free press—Why not? This shouldn’t be your main rationale for taking bitcoin, but it’s something of an added bonus; leverage the exposure to expand your customer base. These shoppers are also likely to be new customers who may be trying your product or service just because they can pay for it with bitcoin, and that’s your chance to hook them in via a great experience.

Ease of Use

Bitcoin isn’t hard to deal with, and it’s only going to get easier. Please don’t buy into the argument that bitcoin is some complicated, mysterious thing and because you don’t fully understand it, you can’t use it. I would posit that if you polled 1,000 college-educated Americans and asked them to describe in detail how a phone, TV, or refrigerator works, the majority wouldn’t be able to do so. I certainly encourage everyone to become educated on bitcoin before taking the plunge, but a deep technical understanding of cryptographic hashing or how the blockchain works is not necessary.

There are a number of companies that are already making it quite easy for you to accept bitcoin. Two that I have used personally, and therefore feel comfortable recommending, are Shopify and Coinbase. If you use Shopify as a platform for your ecommerce sales, integration is a breeze. You can add it just as simply as you would Paypal or Visa. Coinbase is also super simple to integrate, and offers a solid degree of customization. As an added perk, merchants get the first $1,000,000 in transactions free of charge.

There is a myth in circulation that people tend to save bitcoin as an investment or a form of speculation rather than spending it, but there’s increasing evidence that it’s actually being used as a transactional currency. This is not surprising, because as the number of merchants accepting it grows, people have more opportunities to spend it, which then leads more businesses to accept it, and so on. The bottom lefthand section of the infographic below shows an enormous increase in the number of people who spend bitcoin shortly after acquiring it.

People are willing to spend bitcoins — you might as well encourage them to do so at your business.

The number of companies offering B2B services built on the Bitcoin protocol is still fairly small, but there’s already a solid core of reputable, safe ones to choose from. As the network effect widens and more people start accepting bitcoin, you’ll be increasingly able to benefit from the new currency, and even today there’s very little downside and a lot of upside to accepting Bitcoin. And after all, don’t you want to go buy that water thrusting jet bike?

The Non-Expert’s Guide to the Mt. Gox Fiasco

I’ve had a number of friends and acquaintances contact me asking what exactly has been going on with Mt. Gox and its purported insolvency, asking some variation of, “What’s all this hot wallet cold storage transaction malleability business?” I don’t pretend to have any insider information on the topic, but hopefully can provide a comprehensible explanation of what has happened in the past twenty-four hours.

First, a bit of context:

Created in 2010, Mt. Gox is (was?) based in Japan and led by CEO Mark Karpeles. It started out as one of the earliest and most respected Bitcoin exchanges, and quickly grew to be the largest. Since then, it has lost a significant degree of trust. Mt. Gox has had issues with withdrawals, crashes, etc. in the past, and most recently declared that transaction malleability, “a bug in bitcoin”, was forcing them to suspend withdrawals. Mt. Gox bottomed out yesterday with the news that it appears to have lost over seven hundred thousand bitcoins, most of which were customer funds. Mt. Gox is currently closed for trading, and it is unclear if and when it will reopen. A crisis strategy document attributed the bitcoins’ disappearance from their location in cold storage to a leak in the hot wallet.

What’s transaction malleability?

Whenever a bitcoin transaction occurs, it is recorded in the public ledger, which is a list of all bitcoin transactions that have ever taken place. Each of these is identified by a transaction ID (TXID). At a high level, transaction malleability describes the fact that signed transactions can be altered slightly in ways that end up changing the TXID, without invalidating the signature. The Bitcoin community has known about this since 2011 and there are legitimate reasons for which transactions could need to be modified, so it’s not necessarily a problem. Where it did become a problem, however, was where Mt. Gox was using TXIDs (which, to reiterate, are known to be modifiable) as the definitive way to track transactions.

Rather, transaction IDs were designed as an easy reference for support services. “[Processors] will issue this transaction ID, and if you have an issue with the transaction, you can call the support desk and tell them if the transaction didn’t arrive.”

The support desk at Mt. Gox repeatedly reissued disbursements to customers who reported that they hadn’t received funds from transactions linked to a modified TXID. Mt. Gox had no way of verifying the transactions, and the fact that they issued the disbursements regardless apparently resulted in Mt.Gox’s internal records becoming more and more divergent from the public record of transactions.
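The failure described above comes from keying payment records on the TXID alone. The following is an added example, not Mt. Gox's code and not part of the original post, of reconciling withdrawals against confirmed transactions by the coins they spend and the outputs they pay; the record layout, status names, addresses and txids are all constructed assumptions.

```python
from dataclasses import dataclass

COIN = 100_000_000  # satoshis per bitcoin


@dataclass(frozen=True)
class Tx:
    txid: str          # as reported by the node for a confirmed transaction
    spends: frozenset  # outpoints consumed, as "txid:vout" strings
    pays: tuple        # (address, satoshis) pairs in output order


@dataclass(frozen=True)
class Withdrawal:
    ref: str             # internal ticket number
    broadcast_txid: str  # TXID recorded when the exchange sent the transaction
    spends: frozenset
    pays: tuple


def naive_status(w: Withdrawal, confirmed: list) -> str:
    """TXID-only lookup: the approach that breaks when the TXID changes."""
    return "confirmed" if any(tx.txid == w.broadcast_txid for tx in confirmed) else "missing"


def reconcile(w: Withdrawal, confirmed: list) -> str:
    """Classify a withdrawal by what happened to the coins it was built to spend."""
    if any(tx.txid == w.broadcast_txid for tx in confirmed):
        return "confirmed"
    spenders = [tx for tx in confirmed if tx.spends & w.spends]
    if not spenders:
        return "pending"  # coins still unspent: nothing has reached the customer yet
    if any(tx.spends == w.spends and tx.pays == w.pays for tx in spenders):
        return "confirmed-under-different-txid"  # same payment, altered TXID
    return "conflict"  # coins went somewhere else: escalate, do not auto-resend


def customer_was_paid(status: str) -> bool:
    return status in ("confirmed", "confirmed-under-different-txid")


# Constructed sample data: 64-character placeholder txids and made-up addresses.
def _op(tag: str) -> frozenset:
    return frozenset({f"{tag * 32}:0"})


WITHDRAWALS = [
    Withdrawal("W-1", "a1" * 32, _op("f1"), (("addr-customer-1", 5 * COIN),)),
    Withdrawal("W-2", "b2" * 32, _op("f2"), (("addr-customer-2", 3 * COIN),)),
    Withdrawal("W-3", "d4" * 32, _op("f3"), (("addr-customer-3", 1 * COIN),)),
    Withdrawal("W-4", "e5" * 32, _op("f4"), (("addr-customer-4", 2 * COIN),)),
]
CONFIRMED = [
    Tx("a1" * 32, _op("f1"), (("addr-customer-1", 5 * COIN),)),
    Tx("c3" * 32, _op("f2"), (("addr-customer-2", 3 * COIN),)),  # W-2 under a new TXID
    Tx("99" * 32, _op("f4"), (("addr-elsewhere", 2 * COIN),)),   # W-4's coin spent elsewhere
]


def report() -> dict:
    return {w.ref: (naive_status(w, CONFIRMED), reconcile(w, CONFIRMED)) for w in WITHDRAWALS}


if __name__ == "__main__":
    for ref, (naive, checked) in report().items():
        print(f"{ref}: txid-only={naive:9s} outpoint-based={checked}")
```

For W-2 the TXID-only lookup reports the payment as missing even though the customer's address was paid, which is the case where a second disbursement would be sent in error.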

What are hot wallets and cold storage?

In order to spend bitcoins, you need access to both a public and private key. The public key is your address, where you can receive bitcoin, and the private key is something like a password that allows you to spend the bitcoins. The practice of storing bitcoin offline, not on the web server or on any computer, is known as keeping them in cold storage. This is exactly what it sounds like—printing your private keys and storing them in a physical wallet, much as you would do with cash. It is done in the interest of safety, so that if a malicious hacker gains access to your account, they wouldn’t be able to run off with all your bitcoins. There are various ways to keep your funds in cold storage, including paper wallets. It’s a wise idea to keep the majority of your bitcoin in cold storage, which is why (most!) Bitcoin exchanges also operate this way. The website (exchange) will hold a certain number of bitcoin in hot storage, in an online wallet, so that it can be withdrawn instantly by people who hold accounts with that exchange. The majority of the reserve will be kept offline in cold storage. Bitcoin exchanges keep all funds, including the amount in cold storage, on hand and do not loan funds out at any time.

So, what’s the problem?

Ostensibly in order to avoid a “run on the bank” type scenario in which distrustful customers would withdraw from Mt. Gox en masse, the exchange halted withdrawals on February 7th. This is not a completely unexpected development. Despite retaining a large percentage of the world’s bitcoin supply in customer accounts, Mt. Gox has been losing credibility in the bitcoin ecosystem for some time. In November of 2013 many customers were already having issues withdrawing their funds, experiencing delays of weeks or even months. The situation continued to compound until the full stop in withdrawals, and culminated in Mt. Gox’s site going white on February 24. They also wiped their twitter feed, and issued a statement that reads,

Dear MtGox Customers,

In light of recent news reports and the potential repercussions on MtGox’s operations and the market, a decision was taken to close all transactions for the time being in order to protect the site and our users. We will be closely monitoring the situation and will react accordingly.

Best regards,
MtGox Team

Is Mt. Gox guilty?

The simple fact that it took Mt. Gox several years to realize that they were missing 744,408 bitcoins (the equivalent of 6% of the world’s supply of bitcoin, worth 365 million dollars) is mind-boggling. In their crisis strategy document, they state that the theft went unnoticed for years. It is challenging to imagine ineptitude at such a grandiose scale, so the logical alternative is that they had been aware of the issue for a long time and voluntarily chose to hide this information from their investors and the public at large.

The document also states that “The cold storage has been wiped out due to a leak in the hot wallet.” If you’re doing it right, the cold storage should not be accessible via the hot wallet, leak or no leak. That’s the whole point of separating the two. As Andreas M. Antonopoulos, Chief Security Officer of Blockchain and respected bitcoin entrepreneur and developer, aptly put it, “Cold storage” does not “leak.” If Mt. Gox was truly robbed, it is genuinely an astounding case of carelessness in storing and managing funds on their part.

I have no particular evidence to indicate whether this was actually dishonesty or pure incompetence, and as such will refrain from comment here. Assuming the crisis strategy document is correct, and Karpeles and the rest of Mt. Gox are honest, the funds were stolen through an external attack, the details around which remain murky at best. At the very least, the incident illustrates a formidable lack of attention to detail and a fundamental ignorance of the basic principles of accounting (these can be succinctly summarized as: 1. inputs must be ≥ outputs, 2. don’t lose everyone’s money).
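A daily reconciliation of the kind that would surface such a loss within a day, not years, is sketched below. It is an added example, not code from Mt. Gox or from the original post; the ledger, the field names and the 15% hot-wallet cap are assumptions made for illustration.

```python
from dataclasses import dataclass

HOT_CAP_PCT = 15  # assumed policy: at most 15% of reserves held online

@dataclass
class Day:
    date: str
    deposits: int      # BTC credited to customer accounts that day
    withdrawals: int   # BTC paid out to customers that day
    cold_to_hot: int   # recorded, approved releases from cold storage
    hot: int           # end-of-day hot wallet balance, read from the blockchain
    cold: int          # end-of-day cold storage balance, read from the blockchain

def reconcile(days, opening_liabilities, opening_cold):
    """Compare what customers are owed with what is actually on hand."""
    findings = []
    liabilities, prev_cold = opening_liabilities, opening_cold
    for d in days:
        liabilities += d.deposits - d.withdrawals
        reserves = d.hot + d.cold
        # 1. Solvency: funds on hand must cover every customer balance.
        if reserves < liabilities:
            findings.append((d.date, "shortfall", liabilities - reserves))
        # 2. Exposure: only a small float should sit in the online wallet.
        if d.hot * 100 > HOT_CAP_PCT * reserves:
            findings.append((d.date, "hot_exposure", d.hot))
        # 3. Cold storage may only shrink through a recorded release.
        unexplained = (prev_cold - d.cold) - d.cold_to_hot
        if unexplained > 0:
            findings.append((d.date, "cold_leak", unexplained))
        prev_cold = d.cold
    return findings

# Constructed sample ledger (whole BTC); on D3 cold storage drops by 230
# with no recorded release, and on D4 a large deposit is left online.
SAMPLE = [
    Day("D1", 100, 40, 0, 100, 960),
    Day("D2", 20, 60, 30, 90, 930),
    Day("D3", 10, 10, 0, 90, 700),
    Day("D4", 300, 0, 0, 390, 700),
]

if __name__ == "__main__":
    for finding in reconcile(SAMPLE, opening_liabilities=1000, opening_cold=950):
        print(finding)
```

The first two days reconcile cleanly; the unexplained drop in cold storage is reported on the day it happens, both as a shortfall against customer balances and as a cold-storage movement with no matching release.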

What now?

I have deep sympathy for those who lost money through Mt. Gox. For the Bitcoin ecosystem as a whole, however, it’s likely to be a positive development. Mt. Gox had been destabilizing the price and causing unrest in the market for some time. Evidence of this is the remarkable stability in bitcoin prices following the (at least temporary) demise of the exchange. I hope I am not too naïve about the implications; I fully expect there will be significant volatility in the coming months. I’m still bullish on the long term potential of bitcoin, however. Mt. Gox might be dead, but the network as a whole is finally free to move forward.


** A previous version of this post referenced fractional reserve banking to help explain hot and cold storage, but following several comments that it was confusing, I’ve removed that section of the post.